Not handing over your passwords is a terrorist offence, citizen

WELCOME to Connected Rights, your cat in the cradle of digital rights news and analysis.

NOT HANDING OVER YOUR PASSWORDS IS A TERRORIST OFFENCE in the UK. I’ve briefly mentioned the case of Mohammad Rabbani before (http://bit.ly/2whZWQZ), but now he’s been officially found guilty: http://bit.ly/2yEsztz

Rabbani is the international director of human rights group Cage, an NGO that advocates for due process in the context of the “War on Terror”. Last year he was passing through a London airport when the police there demanded the passwords to his phone and laptop, where he was storing details of a case he was working on. He refused, as he had done previously, and was charged with willfully obstructing police – a terrorist offence in this case.

Rabbani isn’t going to jail, though, as the judge gave him a year-long conditional discharge (i.e. he won’t be sentenced unless he commits another offence in that period). He also has to pay £620 in costs.

“Of course the decision is not one that we had been hoping for, but the judge understood and expressed this case is complicated. As the judge mentioned: ‘The importance of passwords and privacy cannot be overstated in the 21st century’,” Rabbani said. “Ultimately this was a matter of having been profiled at a port. There are important implications for our collective privacy as [schedule 7 of the UK Terrorism Act 2000] acts as a digital strip search.”

Rabbani added that he and Cage had “won the moral argument” and would be appealing. Hopefully his appeal will lead to a change in the law.

TWITTER HAS ANTI-ABUSE RULES that ban users from threatening people over the service. So why hasn’t it nailed Donald Trump for his tweets, such as the one that North Korea took (perhaps disingenuously) as a declaration of war? Because Trump’s tweets are newsworthy: http://for.tn/2xHW1R8

The threat of Armageddon aside, that’s not actually a bad defence – the public interest is usually a good reason to avoid censoring things (see also: crooks trying to use the EU’s “right to be forgotten” to remove online articles about their past crimes). However, given the terrible job Twitter generally does when combatting abuse on its platform, its claim to “hold all accounts to the same rules” has met with an understandably derisive response.

FACEBOOK IS GOING TO BE MORE TRANSPARENT about the political advertising that takes place on its platform, making it easier for people to see which ads an advertiser is running, and which advertisers are behind a particular ad: http://bit.ly/2xxPGI4

The key here will be how easy Facebook makes it in practice for people to find these things out. Also, how easy will it be for advertisers to obfuscate their true identities by creating opaquely-attributed accounts? There’s a lot of detail we still need to see. However, it does at least look like a good and necessary step in making people more media-literate and less susceptible to manipulation online.

ON THE SUBJECT OF FACEBOOK AND RUSSIA (implied above), the Russian authorities are threatening to block the world’s biggest social network if it doesn’t obey the law about storing Russian people’s personal data in Russia: https://bloom.bg/2xuDQyM

A reminder: LinkedIn is already a victim of this. Russia is not afraid to block big names.

CHINA HAS BLOCKED WHATSAPP because, well, there’s a Communist Party conference coming up and order is everything: http://bit.ly/2wh6tvA

Want to support this newsletter? If so, you’re awesome and you should be heading over to my Patreon page. Many thanks to those who are already contributing!

TINDER COLLECTS LOADS OF PERSONAL INFORMATION about its users, according to this story by someone who requested everything the firm had on her: http://bit.ly/2xylw5a

I can’t say I’m as surprised as the author apparently was at this fact; it is a dating app, after all. However, it’s worth noting that the rights being described here – known in policy-speak as subject access requests – are going to be strengthened under the EU’s incoming General Data Protection Regulation (GDPR). From May next year, it’s going to become a lot easier to make companies reveal what have on you, and the results may give some people second thoughts about the services they use.

On the transparency front, Tinder actually behaved relatively well here. Soon, companies will be forced to behave well.

GOOGLE’S IMAGE-SEARCH FUNCTIONALITY can’t infringe on copyright even if it’s showing users thumbnails of copyright-infringing images. That’s according to a ruling by Germany’s federal court of justice: http://zd.net/2xxq1go

This will probably be a useful ruling to refer back to in future, thanks to another ruling last year by the Court of Justice of the European Union (http://for.tn/2cchnIy). The CJEU said it is possible to infringe copyright by linking to a copyright-infringing image, adding that this particularly holds when you’re publishing the link for commercial purposes. However, in the case involving Google’s image-search tool, the German court said that’s not a reasonable standard for search engines, which have no practical way of judging whether every piece of media they index has been put online legally.

THE EUROPEAN COMMISSION COMMISSIONED A STUDY on copyright infringement’s effect on legal sales of content. The study (http://bit.ly/2xhkvB2), delivered to the Commission in May 2015, found copyright infringement was widespread, but there was no “robust statistical evidence” that this displaced actual sales.

The Commission promptly released the €360,000, taxpayer-funded study to better inform the debate over copyright, and provide an independent counterweight to the lobbying of those in the creative industries who claim “piracy” is killing their businesses.

Just kidding. The Commission sat on the report, and we only know what the study said because Pirate MEP Julia Reda managed to get her hands on a copy: http://bit.ly/2xWPenL

If you’d like me to write articles for you about digital rights issues, speak at your event or provide advice for your business, drop me an email at david@dmeyer.eu.

BREACHES OF THE WEEK: Oh boy, so many to choose from here. How about the leaking of half a million records from SVR Tracking, whose devices track vehicles? That information can tell people where a car has been or, if they’re thieves, where it currently is: http://bit.ly/2jMHhLs

Or how about the 2016 security breach (only just revealed though) at the US Securities and Exchange Commission, which would have allowed hackers to make a bundle on insider trading? http://wapo.st/2xtHR6q

Or Deloitte! The accountancy firm was breached for months without noticing, giving the attackers access to emails relating to big-name clients: http://bit.ly/2flMKUv

PS – The CEO of credit reporting firm Equifax has finally resigned following its catastrophic security breach affecting the personal data of 143 million people (see http://bit.ly/2xyuwaQ)…. aaaand he’s collecting $90 million on the way out the door: http://for.tn/2fQRt0Y. Truly, there is no justice.

About the author

I’m David Meyer, a tech journalist with more than a decade’s experience writing about technology. I’ve covered many topics in that time, though I’m most interested in the policy decisions and technological breakthroughs that will shape our world. You can find me on Twitter as @superglaze and on Facebook as @davidmeyerwrites.